@@ -83,6 +83,13 @@ Example (Qpid):

     ENABLED_SERVICES="$ENABLED_SERVICES,-rabbit,-zeromq,qpid"

+# Apache Frontend

+

+Apache web server is enabled for wsgi services by setting `APACHE_ENABLED_SERVICES` in your localrc. But remember to enable these services at first as above.

+

+Example:

+    APACHE_ENABLED_SERVICES+=keystone,swift

+

 # Swift

 Swift is disabled by default.  When enabled, it is configured with

new file mode 100644

@@ -0,0 +1,118 @@

+# lib/apache

+# Functions to control configuration and operation of apache web server

+

+# Dependencies:

+# ``functions`` file

+# is_apache_enabled_service

+# change_apache_user_group

+# install_apache_wsgi

+# config_apache_wsgi

+# start_apache_server

+# stop_apache_server

+# restart_apache_server

+

+# Save trace setting

+XTRACE=$(set +o | grep xtrace)

+set +o xtrace

+

+# Allow overriding the default Apache user and group, default to

+# current user and his default group.

+APACHE_USER=${APACHE_USER:-$USER}

+APACHE_GROUP=${APACHE_GROUP:-$(id -gn $APACHE_USER)}

+

+

+# Set up apache name and configuration directory

+if is_ubuntu; then

+    APACHE_NAME=apache2

+    APACHE_CONF_DIR=sites-available

+elif is_fedora; then

+    APACHE_NAME=httpd

+    APACHE_CONF_DIR=conf.d

+elif is_suse; then

+    APACHE_NAME=apache2

+    APACHE_CONF_DIR=vhosts.d

+fi

+

+# Functions

+# ---------

+

+# is_apache_enabled_service() checks if the service(s) specified as arguments are

+# apache enabled by the user in ``APACHE_ENABLED_SERVICES`` as web front end.

+#

+# Multiple services specified as arguments are ``OR``'ed together; the test

+# is a short-circuit boolean, i.e it returns on the first match.

+#

+# Uses global ``APACHE_ENABLED_SERVICES``

+# APACHE_ENABLED_SERVICES service [service ...]

+function is_apache_enabled_service() {

+    services=$@

+    for service in ${services}; do

+        [[ ,${APACHE_ENABLED_SERVICES}, =~ ,${service}, ]] && return 0

+    done

+    return 1

+}

+

+# change_apache_user_group() - Change the User/Group to run Apache server

+function change_apache_user_group(){

+    local stack_user=$@

+    if is_ubuntu; then

+        sudo sed -e "

+            s/^export APACHE_RUN_USER=.*/export APACHE_RUN_USER=${stack_user}/g;

+            s/^export APACHE_RUN_GROUP=.*/export APACHE_RUN_GROUP=${stack_user}/g

+        " -i /etc/${APACHE_NAME}/envvars

+    elif is_fedora; then

+        sudo sed -e "

+            s/^User .*/User ${stack_user}/g;

+            s/^Group .*/Group ${stack_user}/g

+        " -i /etc/${APACHE_NAME}/httpd.conf

+    elif is_suse; then

+        sudo sed -e "

+            s/^User .*/User ${stack_user}/g;

+            s/^Group .*/Group ${stack_user}/g

+        " -i /etc/${APACHE_NAME}/uid.conf

+    else

+        exit_distro_not_supported "apache user and group"

+    fi

+}

+

+# install_apache_wsgi() - Install Apache server and wsgi module

+function install_apache_wsgi() {

+    # Apache installation, because we mark it NOPRIME

+    if is_ubuntu; then

+        # Install apache2, which is NOPRIME'd

+        install_package apache2 libapache2-mod-wsgi

+    elif is_fedora; then

+        sudo rm -f /etc/httpd/conf.d/000-*

+        install_package httpd mod_wsgi

+    elif is_suse; then

+        install_package apache2 apache2-mod_wsgi

+    else

+        exit_distro_not_supported "apache installation"

+    fi

+}

+

+# start_apache_server() - Start running apache server

+function start_apache_server() {

+    start_service $APACHE_NAME

+}

+

+# stop_apache_server() - Stop running apache server

+function stop_apache_server() {

+    if [ -n "$APACHE_NAME" ]; then

+        stop_service $APACHE_NAME

+    else

+        exit_distro_not_supported "apache configuration"

+    fi

+}

+

+# restart_apache_server

+function restart_apache_server() {

+    restart_service $APACHE_NAME

+}

+

+# Restore xtrace

+$XTRACE

+

+# Local variables:

+# mode: shell-script

+# End:

@@ -4,6 +4,7 @@

 # Dependencies:

 # ``functions`` file

+# ``apache`` file

 # ``SERVICE_{TENANT_NAME|PASSWORD}`` must be defined

 # <list other global vars that are assumed to be defined>

@@ -33,23 +34,6 @@ HORIZON_DIR=$DEST/horizon

 # The example file in Horizon repo is used by default.

 HORIZON_SETTINGS=${HORIZON_SETTINGS:-$HORIZON_DIR/openstack_dashboard/local/local_settings.py.example}

-# Allow overriding the default Apache user and group, default to

-# current user and his default group.

-APACHE_USER=${APACHE_USER:-$USER}

-APACHE_GROUP=${APACHE_GROUP:-$(id -gn $APACHE_USER)}

-

-# Set up service name and configuration path

-if is_ubuntu; then

-    APACHE_NAME=apache2

-    APACHE_CONF=sites-available/horizon

-elif is_fedora; then

-    APACHE_NAME=httpd

-    APACHE_CONF=conf.d/horizon.conf

-elif is_suse; then

-    APACHE_NAME=apache2

-    APACHE_CONF=vhosts.d/horizon.conf

-fi

-

 # Functions

 # ---------

@@ -119,11 +103,12 @@ function init_horizon() {

     sudo mkdir -p $HORIZON_DIR/.blackhole

     HORIZON_REQUIRE=''

+    local horizon_conf=/etc/$APACHE_NAME/$APACHE_CONF_DIR/horizon

     if is_ubuntu; then

         # Clean up the old config name

         sudo rm -f /etc/apache2/sites-enabled/000-default

         # Be a good citizen and use the distro tools here

-        sudo touch /etc/$APACHE_NAME/$APACHE_CONF

+        sudo touch $horizon_conf

         sudo a2ensite horizon

         # WSGI isn't enabled by default, enable it

         sudo a2enmod wsgi

@@ -153,23 +138,13 @@ function init_horizon() {

         s,%APACHE_NAME%,$APACHE_NAME,g;

         s,%DEST%,$DEST,g;

         s,%HORIZON_REQUIRE%,$HORIZON_REQUIRE,g;

-    \" $FILES/apache-horizon.template >/etc/$APACHE_NAME/$APACHE_CONF"

+    \" $FILES/apache-horizon.template >$horizon_conf"

 }

 # install_horizon() - Collect source and prepare

 function install_horizon() {

     # Apache installation, because we mark it NOPRIME

-    if is_ubuntu; then

-        # Install apache2, which is NOPRIME'd

-        install_package apache2 libapache2-mod-wsgi

-    elif is_fedora; then

-        sudo rm -f /etc/httpd/conf.d/000-*

-        install_package httpd mod_wsgi

-    elif is_suse; then

-        install_package apache2 apache2-mod_wsgi

-    else

-        exit_distro_not_supported "apache installation"

-    fi

+    install_apache_wsgi

     # NOTE(sdague) quantal changed the name of the node binary

     if is_ubuntu; then

@@ -185,17 +160,13 @@ function install_horizon() {

 # start_horizon() - Start running processes, including screen

 function start_horizon() {

-    restart_service $APACHE_NAME

+    restart_apache_server

     screen_it horizon "cd $HORIZON_DIR && sudo tail -f /var/log/$APACHE_NAME/horizon_error.log"

 }

 # stop_horizon() - Stop running processes (non-screen)

 function stop_horizon() {

-    if [ -n "$APACHE_NAME" ]; then

-        stop_service $APACHE_NAME

-    else

-        exit_distro_not_supported "apache configuration"

-    fi

+    stop_apache_server

 }

@@ -3,6 +3,7 @@

 # Dependencies:

 # ``functions`` file

+# ``apache`` file

 # ``DEST``, ``SCREEN_NAME``, `SWIFT_HASH` must be defined

 # ``STACK_USER`` must be defined

 # ``SWIFT_DATA_DIR`` or ``DATA_DIR`` must be defined

@@ -10,11 +11,13 @@

 # ``stack.sh`` calls the entry points in this order:

 #

 # install_swift

+# _config_swift_apache_wsgi

 # configure_swift

 # init_swift

 # start_swift

 # stop_swift

 # cleanup_swift

+# _cleanup_swift_apache_wsgi

 # Save trace setting

 XTRACE=$(set +o | grep xtrace)

@@ -28,6 +31,7 @@ set +o xtrace

 SWIFT_DIR=$DEST/swift

 SWIFTCLIENT_DIR=$DEST/python-swiftclient

 SWIFT_AUTH_CACHE_DIR=${SWIFT_AUTH_CACHE_DIR:-/var/cache/swift}

+SWIFT_APACHE_WSGI_DIR=${SWIFT_APACHE_WSGI_DIR:-/var/www/swift}

 SWIFT3_DIR=$DEST/swift3

 # TODO: add logging to different location.

@@ -97,6 +101,103 @@ function cleanup_swift() {

       rm ${SWIFT_DATA_DIR}/drives/images/swift.img

    fi

    rm -rf ${SWIFT_DATA_DIR}/run/

+   if is_apache_enabled_service swift; then

+       _cleanup_swift_apache_wsgi

+   fi

+}

+

+# _cleanup_swift_apache_wsgi() - Remove wsgi files, disable and remove apache vhost file

+function _cleanup_swift_apache_wsgi() {

+    sudo rm -f $SWIFT_APACHE_WSGI_DIR/*.wsgi

+    ! is_fedora && sudo a2dissite proxy-server

+    for node_number in ${SWIFT_REPLICAS_SEQ}; do

+        for type in object container account; do

+            site_name=${type}-server-${node_number}

+            ! is_fedora && sudo a2dissite ${site_name}

+            sudo rm -f /etc/$APACHE_NAME/$APACHE_CONF_DIR/${site_name}

+        done

+    done

+}

+

+# _config_swift_apache_wsgi() - Set WSGI config files of Swift

+function _config_swift_apache_wsgi() {

+    sudo mkdir -p ${SWIFT_APACHE_WSGI_DIR}

+    local apache_vhost_dir=/etc/${APACHE_NAME}/$APACHE_CONF_DIR

+    local proxy_port=${SWIFT_DEFAULT_BIND_PORT:-8080}

+

+    # copy proxy vhost and wsgi file

+    sudo cp ${SWIFT_DIR}/examples/apache2/proxy-server.template ${apache_vhost_dir}/proxy-server

+    sudo sed -e "

+        /^#/d;/^$/d;

+        s/%PORT%/$proxy_port/g;

+        s/%SERVICENAME%/proxy-server/g;

+        s/%APACHE_NAME%/${APACHE_NAME}/g;

+    " -i ${apache_vhost_dir}/proxy-server

+

+    sudo cp ${SWIFT_DIR}/examples/wsgi/proxy-server.wsgi.template ${SWIFT_APACHE_WSGI_DIR}/proxy-server.wsgi

+    sudo sed -e "

+        /^#/d;/^$/d;

+        s/%SERVICECONF%/proxy-server.conf/g;

+    " -i ${SWIFT_APACHE_WSGI_DIR}/proxy-server.wsgi

+    ! is_fedora && sudo a2ensite proxy-server

+

+    # copy apache vhost file and set name and port

+    for node_number in ${SWIFT_REPLICAS_SEQ}; do

+        object_port=$[OBJECT_PORT_BASE + 10 * ($node_number - 1)]

+        container_port=$[CONTAINER_PORT_BASE + 10 * ($node_number - 1)]

+        account_port=$[ACCOUNT_PORT_BASE + 10 * ($node_number - 1)]

+

+        sudo cp ${SWIFT_DIR}/examples/apache2/object-server.template ${apache_vhost_dir}/object-server-${node_number}

+        sudo sed -e "

+            s/%PORT%/$object_port/g;

+            s/%SERVICENAME%/object-server-${node_number}/g;

+            s/%APACHE_NAME%/${APACHE_NAME}/g;

+        " -i ${apache_vhost_dir}/object-server-${node_number}

+        ! is_fedora && sudo a2ensite object-server-${node_number}

+

+        sudo cp ${SWIFT_DIR}/examples/wsgi/object-server.wsgi.template ${SWIFT_APACHE_WSGI_DIR}/object-server-${node_number}.wsgi

+        sudo sed -e "

+            /^#/d;/^$/d;

+            s/%SERVICECONF%/object-server\/${node_number}.conf/g;

+        " -i ${SWIFT_APACHE_WSGI_DIR}/object-server-${node_number}.wsgi

+

+        sudo cp ${SWIFT_DIR}/examples/apache2/container-server.template ${apache_vhost_dir}/container-server-${node_number}

+        sudo sed -e "

+            /^#/d;/^$/d;

+            s/%PORT%/$container_port/g;

+            s/%SERVICENAME%/container-server-${node_number}/g;

+            s/%APACHE_NAME%/${APACHE_NAME}/g;

+        " -i ${apache_vhost_dir}/container-server-${node_number}

+        ! is_fedora && sudo a2ensite container-server-${node_number}

+

+        sudo cp ${SWIFT_DIR}/examples/wsgi/container-server.wsgi.template ${SWIFT_APACHE_WSGI_DIR}/container-server-${node_number}.wsgi

+        sudo sed -e "

+            /^#/d;/^$/d;

+            s/%SERVICECONF%/container-server\/${node_number}.conf/g;

+        " -i ${SWIFT_APACHE_WSGI_DIR}/container-server-${node_number}.wsgi

+

+        sudo cp ${SWIFT_DIR}/examples/apache2/account-server.template ${apache_vhost_dir}/account-server-${node_number}

+        sudo sed -e "

+             /^#/d;/^$/d;

+            s/%PORT%/$account_port/g;

+            s/%SERVICENAME%/account-server-${node_number}/g;

+            s/%APACHE_NAME%/${APACHE_NAME}/g;

+        " -i ${apache_vhost_dir}/account-server-${node_number}

+        ! is_fedora && sudo a2ensite account-server-${node_number}

+

+        sudo cp ${SWIFT_DIR}/examples/wsgi/account-server.wsgi.template ${SWIFT_APACHE_WSGI_DIR}/account-server-${node_number}.wsgi

+        sudo sed -e "

+             /^#/d;/^$/d;

+            s/%SERVICECONF%/account-server\/${node_number}.conf/g;

+        " -i ${SWIFT_APACHE_WSGI_DIR}/account-server-${node_number}.wsgi

+

+    done

+

+    # run apache server as stack user

+    change_apache_user_group ${STACK_USER}

+

+    # WSGI isn't enabled by default, enable it

+    ! is_fedora && sudo a2enmod wsgi

 }

 # configure_swift() - Set config files, create data dirs and loop image

@@ -288,6 +389,9 @@ EOF

     sudo chown -R $USER:adm ${swift_log_dir}

     sed "s,%SWIFT_LOGDIR%,${swift_log_dir}," $FILES/swift/rsyslog.conf | sudo \

         tee /etc/rsyslog.d/10-swift.conf

+    if is_apache_enabled_service swift; then

+        _config_swift_apache_wsgi

+    fi

 }

 # create_swift_disk - Create Swift backing disk

@@ -423,6 +527,9 @@ function init_swift() {

 function install_swift() {

     git_clone $SWIFT_REPO $SWIFT_DIR $SWIFT_BRANCH

     setup_develop $SWIFT_DIR

+    if is_apache_enabled_service swift; then

+        install_apache_wsgi

+    fi

 }

 function install_swiftclient() {

@@ -444,6 +551,22 @@ function start_swift() {

         sudo systemctl start xinetd.service

     fi

+    if is_apache_enabled_service swift; then

+        # Make sure the apache lock dir is owned by $STACK_USER

+        # for running apache server to avoid failure of restarting

+        # apache server due to permission problem.

+        sudo chown -R $STACK_USER /var/run/lock/$APACHE_NAME

+        restart_apache_server

+        swift-init --run-dir=${SWIFT_DATA_DIR}/run rest start

+        screen_it s-proxy "cd $SWIFT_DIR && sudo tail -f /var/log/$APACHE_NAME/proxy-server"

+        if [[ ${SWIFT_REPLICAS} == 1 ]]; then

+            for type in object container account; do

+                screen_it s-${type} "cd $SWIFT_DIR && sudo tail -f /var/log/$APACHE_NAME/${type}-server-1"

+            done

+        fi

+        return 0

+    fi

+

    # By default with only one replica we are launching the proxy,

    # container, account and object server in screen in foreground and

    # other services in background. If we have SWIFT_REPLICAS set to something

@@ -460,7 +583,7 @@ function start_swift() {

    done

    screen_it s-proxy "cd $SWIFT_DIR && $SWIFT_DIR/bin/swift-proxy-server ${SWIFT_CONF_DIR}/proxy-server.conf -v"

    if [[ ${SWIFT_REPLICAS} == 1 ]]; then

-       for type in object container account;do

+       for type in object container account; do

            screen_it s-${type} "cd $SWIFT_DIR && $SWIFT_DIR/bin/swift-${type}-server ${SWIFT_CONF_DIR}/${type}-server/1.conf -v"

        done

    fi

@@ -468,6 +591,11 @@ function start_swift() {

 # stop_swift() - Stop running processes (non-screen)

 function stop_swift() {

+

+    if is_apache_enabled_service swift; then

+        swift-init --run-dir=${SWIFT_DATA_DIR}/run rest stop && return 0

+    fi

+

     # screen normally killed by unstack.sh

     if type -p swift-init >/dev/null; then

         swift-init --run-dir=${SWIFT_DATA_DIR}/run all stop || true

@@ -298,6 +298,7 @@ SERVICE_TIMEOUT=${SERVICE_TIMEOUT:-60}

 # ==================

 # Source project function libraries

+source $TOP_DIR/lib/apache

 source $TOP_DIR/lib/tls

 source $TOP_DIR/lib/horizon

 source $TOP_DIR/lib/keystone

@@ -24,6 +24,9 @@ source $TOP_DIR/stackrc

 # Destination path for service data

 DATA_DIR=${DATA_DIR:-${DEST}/data}

+# Import apache functions

+source $TOP_DIR/lib/apache

+

 # Get project function libraries

 source $TOP_DIR/lib/baremetal

 source $TOP_DIR/lib/cinder